const md5 = require("md5");
// const uuid = require("uuid");
/**
 * api签名 校验 堆成加密
 * */
module.exports = (app) => {
  return async (ctx, next) => {
    if (ctx.path.indexOf("/api") < 0) {
      return await next();
    }
    const { path, method } = ctx;
    const { header } = ctx.request;
    const { s_sign: sSign, s_t: st } = header;
    const signKey = "a77d0c22-aa83-49a1-be91-65725d4123fc";
    const signature = md5(`${signKey}_${st}}`);
    app.logger.info(`[${method} ${path}] signature: ${signature}`);
    if (
      !sSign ||
      !st ||
      signature !== sSign.toLowerCase() ||
      Date.now() - st > 600 * 1000
    ) {
      ctx.status = 200;
      ctx.body = {
        success: false,
        message: "signature not correct!!",
        code: 445,
      };
      return;
    }
    await next();
  };
};
